wklejto.pl

Added by: ~Anonim (2016-06-10 11:43) -> text
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:09-06-2016
Uruchomiony przez Jacek (administrator)  JACEK-PC (09-06-2016 23:28:54)
Uruchomiony z C:UsersJacekDownloads
Zaadowane profile: Jacek (Dostpne profile: Jacek & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Jzyk: Polski (Polska)
Internet Explorer Wersja 9 (Domylna przegldarka: FF)
Tryb startu: Normal
Instrukcja obsugi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Procesy (filtrowane) =================
 
(Zaczenie wejcia w fixlist spowoduje zamknicie procesu. Powizany plik nie zostanie przeniesiony.)
 
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgrsa.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgcsrva.exe
(NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe
(Microsoft Corporation) C:WindowsSystem32SLsvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
(NVIDIA Corporation) C:WindowsSystem32nvvsvc.exe
() C:WindowsmHotkey.exe
(Realtek Semiconductor) C:WindowsRAVCpl64.exe
(Intel Corporation) C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe
(eRmail Company, s. r. o.) C:UsersJacekAppDataRoamingeRclienteRclient.exe
(TomTom) C:Program Files (x86)MyDrive ConnectTomTom MyDrive Connect.exe
(Microsoft Corporation) C:Program Files (x86)Microsoft OfficeOffice12ONENOTEM.EXE
(OpenOffice.org) C:Program Files (x86)OpenOffice.ux.pl 3programsoffice.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGFrameworkCommonavguix.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgui.exe
(Agere Systems) C:WindowsSystem32agr64svc.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGFrameworkCommonavgsvca.exe
(Chicony) C:WindowsModLEDKey.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgwdsvca.exe
(OpenOffice.org) C:Program Files (x86)OpenOffice.ux.pl 3programsoffice.bin
() C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgnsa.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAvavgemca.exe
(Intel Corporation) C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe
() C:WindowsSysWOW64PnkBstrA.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG PC TuneUpTuneUpUtilitiesService64.exe
(Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
(Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE
(Microsoft Corporation) C:Program FilesWindows Media Playerwmpnscfg.exe
(AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAVG PC TuneUpTuneUpUtilitiesApp64.exe
(Chicony) C:WindowsChiFuncExt.exe
(Opera Software) C:Program FilesOpera x64opera.exe
(Microsoft Corporation) C:WindowsSystem32mobsync.exe
(Mozilla Corporation) C:Program Files (x86)Mozilla Firefoxfirefox.exe
(Adobe Systems, Inc.) C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_21_0_0_242.exe
(Microsoft Corporation) C:WindowsSystem32conime.exe
 
 
==================== Rejestr (filtrowane) ===========================
 
(Zaczenie wejcia w fixlist spowoduje usunicie obiektu z rejestru lub przywrcenie jego domylnej postaci. Powizany plik nie zostanie przeniesiony.)
 
HKLM...Run: [RtHDVCpl] => C:WindowsRAVCpl64.exe [6455840 2008-08-04] (Realtek Semiconductor)
HKLM...Run: [Skytel] => C:WindowsSkytel.exe [1833504 2008-08-04] (Realtek Semiconductor Corp.)
HKLM...Run: [IAAnotif] => C:Program Files (X86)IntelIntel Matrix Storage ManagerIaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM-x32...Run: [LchDrvKey] => C:WindowsLchDrvKey.exe [36864 2007-03-29] ()
HKLM-x32...Run: [AvgUi] => C:Program Files (x86)AVGFrameworkCommonavguirnx.exe [186640 2016-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32...Run: [AVG_UI] => C:Program Files (x86)AVGAvavgui.exe [6570256 2016-05-20] (AVG Technologies CZ, s.r.o.)
WinlogonNotifyigfxcui: C:Windowssystem32igfxdev.dll (Intel Corporation)
HKUS-1-5-21-2564329979-2589729149-3282739977-1000...Run: [eRclient] => C:UsersJacekAppDataRoamingeRclienteRclient.exe [1269248 2013-07-15] (eRmail Company, s. r. o.)
HKUS-1-5-21-2564329979-2589729149-3282739977-1000...Run: [DAEMON Tools Lite] => C:Program Files (x86)DAEMON Tools LiteDTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKUS-1-5-21-2564329979-2589729149-3282739977-1000...Run: [MyDriveConnect.exe] => C:Program Files (x86)MyDrive ConnectTomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:ProgramDataGGggdriveggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
Startup: C:UsersJacekAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOneNote 2007 Screen Clipper and Launcher.lnk [2014-09-23]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:Program Files (x86)Microsoft OfficeOffice12ONENOTEM.EXE (Microsoft Corporation)
Startup: C:UsersJacekAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOpenOffice.ux.pl 3.0.lnk [2014-10-15]
ShortcutTarget: OpenOffice.ux.pl 3.0.lnk -> C:Program Files (x86)OpenOffice.ux.pl 3programquickstart.exe ()
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLMSOFTWAREPoliciesGoogle: Ograniczenia <======= UWAGA
 
==================== Internet (filtrowane) ====================
 
(Zaczenie wejcia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunicie go z rejestru lub przywrcenie jego domylnej postaci.)
 
Hosts: W pliku Hosts jest wicej ni jedno wejcie. Sprawd sekcj Hosts w Addition.txt
TcpipParameters: [DhcpNameServer] 192.168.0.1
Tcpip..Interfaces{88726641-6C9F-43D6-A1EA-D8B41DDD1F1A}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLMSOFTWAREPoliciesMicrosoftInternet Explorer: Ograniczenia <======= UWAGA
HKUS-1-5-21-2564329979-2589729149-3282739977-1000SOFTWAREPoliciesMicrosoftInternet Explorer: Ograniczenia <======= UWAGA
HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = about:blank
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page = hxxp://www.google.com
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = hxxp://www.google.com
HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKUS-1-5-21-2564329979-2589729149-3282739977-1000SoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKUS-1-5-21-2564329979-2589729149-3282739977-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
SearchScopes: HKUS-1-5-21-2564329979-2589729149-3282739977-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKUS-1-5-21-2564329979-2589729149-3282739977-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKUS-1-5-21-2564329979-2589729149-3282739977-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKUS-1-5-21-2564329979-2589729149-3282739977-1000 -> {8F3EA15D-2317-4283-9F7F-E923E9AFAAB8} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
SearchScopes: HKUS-1-5-21-2564329979-2589729149-3282739977-1000 -> {szukaj.gazeta.pl} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_71binssv.dll [2016-01-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_71binjp2ssv.dll [2016-01-23] (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomoc identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKUS-1-5-21-2564329979-2589729149-3282739977-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Brak pliku
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
 
FireFox:
========
FF ProfilePath: C:UsersJacekAppDataRoamingMozillaFirefoxProfiles8a8dws2.default-1410903345768
FF SearchEngineOrder.3: Bing 
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_21_0_0_242.dll [2016-05-20] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:Program FilesJavajre1.8.0_71bindtpluginnpDeployJava1.dll [2016-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:Program FilesJavajre1.8.0_71binplugin2npjp2.dll [2016-01-23] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_21_0_0_242.dll [2016-05-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.30514.0npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 11.0ReaderAIRnppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF user.js: detected! => C:UsersJacekAppDataRoamingMozillaFirefoxProfiles8a8dws2.default-1410903345768user.js [2016-06-07]
FF Extension: ADB Helper - C:UsersJacekAppDataRoamingMozillaFirefoxProfiles8a8dws2.default-1410903345768Extensionsadbhelper@mozilla(390).org [2015-11-15]
FF Extension: Valence - C:UsersJacekAppDataRoamingMozillaFirefoxProfiles8a8dws2.default-1410903345768Extensionsfxdevtools-adapters@mozilla.org [2016-06-09]
FF HKLM-x32...FirefoxExtensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension [2014-05-13] [Brak podpisu cyfrowego]
 
==================== Usugi (filtrowane) ========================
 
(Zaczenie wejcia w fixlist spowoduje jego usunicie z rejestru. Powizany plik nie zostanie przeniesiony, o ile nie zostanie zaczony z osobna.)
 
S2 appdrvrem01; C:WindowsSystem32appdrvrem01.exe [538000 2015-08-31] (Protection Technology)
R2 AVGIDSAgent; C:Program Files (x86)AVGAvavgidsagenta.exe [5164800 2016-05-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:Program Files (x86)AVGFrameworkCommonavgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:Program Files (x86)AVGAvavgwdsvca.exe [705528 2016-05-20] (AVG Technologies CZ, s.r.o.)
R2 ETService; C:Program FilesGATEWAYGateway Recovery ManagementServiceETService.exe [24576 2008-06-11] () [Brak podpisu cyfrowego]
R2 PnkBstrA; C:WindowsSysWOW64PnkBstrA.exe [66872 2015-09-27] ()
R2 TuneUp.UtilitiesSvc; C:Program Files (x86)AVGAVG PC TuneUpTuneUpUtilitiesService64.exe [4803344 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [383544 2008-01-21] (Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ==========================
 
(Zaczenie wejcia w fixlist spowoduje jego usunicie z rejestru. Powizany plik nie zostanie przeniesiony, o ile nie zostanie zaczony z osobna.)
 
R1 appdrv01; C:WindowsSystem32Driversappdrv01.sys [2639976 2015-08-31] (Protection Technology)
U5 AppMgmt; C:Windowssystem32svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R1 Avgdiska; C:WindowsSystem32DRIVERSavgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:WindowsSystem32DRIVERSavgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:WindowsSystem32DRIVERSavgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:WindowsSystem32DRIVERSavgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:WindowsSystem32DRIVERSavgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:WindowsSystem32DRIVERSavgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:WindowsSystem32DRIVERSavgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:WindowsSystem32DRIVERSavgtdia.sys [279296 2016-05-17] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:WindowsSystem32DRIVERSavguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
S1 Beep; Brak ImagePath
R3 dtsoftbus01; C:WindowsSystem32DRIVERSdtsoftbus01.sys [283064 2014-05-11] (Disc Soft Ltd)
R0 sptd; C:WindowsSystem32Driverssptd.sys [386680 2014-05-09] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:Program Files (x86)AVGAVG PC TuneUpTuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
U3 a5u8p53b; Brak ImagePath
U3 app9ikmf; C:WindowsSystem32Driversapp9ikmf.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
S3 catchme; ??C:ComboFixcatchme.sys [X]
S3 cpuz134; ??C:UsersJacekAppDataLocalTempcpuz134cpuz134_x64.sys [X]
S3 esgiguard; ??C:Program FilesEnigma Software GroupSpyHunteresgiguard.sys [X]
S3 ew_hwusbdev; system32DRIVERSew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32DRIVERSew_jucdcacm.sys [X]
S3 huawei_enumerator; system32DRIVERSew_jubusenum.sys [X]
S3 IpInIp; system32DRIVERSipinip.sys [X]
S3 NwlnkFlt; system32DRIVERSnwlnkflt.sys [X]
S3 NwlnkFwd; system32DRIVERSnwlnkfwd.sys [X]
S2 sbapifs; system32DRIVERSsbapifs.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Zaczenie wejcia w fixlist spowoduje jego usunicie z rejestru. Powizany plik nie zostanie przeniesiony, o ile nie zostanie zaczony z osobna.)
 
 
==================== Jeden miesic - utworzone pliki i foldery ========
 
(Zaczenie wejcia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-06-09 23:28 - 2016-06-09 23:29 - 00015776 _____ C:UsersJacekDownloadsFRST.txt
2016-06-09 23:26 - 2016-06-09 23:28 - 00000000 ____D C:FRST
2016-06-09 23:24 - 2016-06-09 23:24 - 02385408 _____ (Farbar) C:UsersJacekDownloadsFRST64.exe
2016-06-09 23:02 - 2016-06-09 23:07 - 00000000 ____D C:AdwCleaner
2016-06-09 23:00 - 2016-06-09 23:00 - 03677248 _____ C:UsersJacekDownloadsadwcleaner_5.119.exe
2016-06-08 20:49 - 2016-06-08 20:49 - 00001890 _____ C:UsersUpdatusUserDesktopHijackThis.lnk
2016-06-08 20:49 - 2016-06-08 20:49 - 00001890 _____ C:UsersJacekDesktopHijackThis.lnk
2016-06-08 20:49 - 2016-06-08 20:49 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsHijackThis
2016-06-08 20:49 - 2016-06-08 20:49 - 00000000 ____D C:Program Files (x86)Trend Micro
2016-06-08 20:48 - 2016-06-08 20:48 - 00812344 _____ (Trend Micro Inc.) C:UsersJacekDownloadsHJTInstall.exe
2016-06-08 20:17 - 2016-06-08 20:17 - 00003702 _____ C:WindowsSystem32TasksJava Platform SE Auto Updater
2016-06-08 20:03 - 2016-06-08 20:03 - 00001930 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG PC TuneUp.lnk
2016-06-08 20:03 - 2016-06-08 20:03 - 00001918 _____ C:UsersPublicDesktopAVG PC TuneUp.lnk
2016-06-08 20:03 - 2016-06-08 20:03 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG PC TuneUp
2016-06-08 20:03 - 2016-06-01 15:12 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32TURegOpt.exe
2016-06-08 20:03 - 2016-06-01 15:05 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32authuitu.dll
2016-06-08 20:03 - 2016-06-01 15:05 - 00039696 _____ (AVG Technologies CZ, s.r.o.) C:WindowsSysWOW64authuitu.dll
2016-06-08 20:00 - 2016-06-08 20:00 - 03135696 _____ (AVG Technologies CZ, s.r.o.) C:UsersJacekDownloadsAVG_PCTuneUp_890.exe
2016-06-07 22:32 - 2016-06-07 22:32 - 00000000 _____ C:UsersJacekFAPF05C.tmp
2016-06-07 22:32 - 2016-06-07 22:32 - 00000000 _____ C:UsersJacekFAPD4B0.tmp
2016-06-07 22:32 - 2016-06-07 22:32 - 00000000 _____ C:UsersJacekFAP1491.tmp
2016-06-07 21:59 - 2016-06-07 21:59 - 00000000 _____ C:UsersJacekFAPE082.tmp
2016-06-07 21:50 - 2016-06-07 21:50 - 00015171 _____ C:ComboFix.txt
2016-06-07 17:07 - 2016-06-09 05:49 - 00000000 ____D C:ComboFix
2016-06-07 16:44 - 2016-06-07 18:55 - 00000000 ____D C:UsersJacekAppDataLocaltemp(73)
2016-06-05 01:31 - 2016-06-09 05:49 - 00000000 ____D C:WindowsLeft 4 Dead
2016-06-05 01:31 - 2016-06-05 20:29 - 00000000 ____D C:Program Files (x86)Left 4 Dead
2016-06-03 22:31 - 2016-06-04 00:19 - 659658208 _____ C:UsersJacekDownloadsFear.the.Walking.Dead.S01E04.Not.Fade.Away.PL.480p.BRRip.AC3.2.0.XviD-Ralf.avi
2016-05-27 19:31 - 2016-05-27 21:23 - 687570580 _____ C:UsersJacekDownloadsFear.the.Walking.Dead.S01E03.The.Dog.PL.480p.BRRip.AC3.2.0.XviD-Ralf.avi
2016-05-20 22:37 - 2016-05-21 00:16 - 609277562 _____ C:UsersJacekDownloadsFear.the.Walking.Dead.S01E02.So.Close.Yet.So.Far.PL.480p.BRRip.AC3.2.0.XviD-Ralf.avi
2016-05-20 00:11 - 2016-05-20 00:11 - 05995712 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerInstaller.exe
2016-05-18 12:13 - 2016-05-18 12:13 - 00307456 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgidsdrivera.sys
2016-05-17 10:50 - 2016-05-17 10:50 - 00279296 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgtdia.sys
2016-05-15 22:27 - 2016-05-15 23:38 - 914936824 _____ C:UsersJacekDownloadsFear.the.Walking.Dead.S01E01.Pilot.PL.480p.BRRip.AC3.2.0.XviD-Ralf.avi
2016-05-15 01:07 - 2016-05-15 21:18 - 00000000 ____D C:WindowsSysWOW64directx
 
==================== Jeden miesic - zmodyfikowane pliki i foldery ========
 
(Zaczenie wejcia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-06-09 23:22 - 2006-11-02 17:22 - 00003616 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-09 23:22 - 2006-11-02 17:22 - 00003616 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-09 23:21 - 2013-08-18 01:59 - 00161736 _____ C:Windowssystem32perfh015.dat
2016-06-09 23:21 - 2013-08-18 01:59 - 00045282 _____ C:Windowssystem32perfc015.dat
2016-06-09 23:21 - 2006-11-02 15:33 - 00000000 ____D C:Windowsinf
2016-06-09 23:21 - 2006-11-02 14:46 - 00950564 _____ C:Windowssystem32PerfStringBackup.INI
2016-06-09 23:16 - 2012-06-06 11:12 - 00000000 _____ C:Windowssystem32LogConfigTemp.xml
2016-06-09 23:15 - 2006-11-02 17:42 - 00000006 ____H C:WindowsTasksSA.DAT
2016-06-09 23:14 - 2006-11-02 17:42 - 00032546 _____ C:WindowsTasksSCHEDLGU.TXT
2016-06-09 23:11 - 2014-09-17 22:44 - 00000930 _____ C:WindowsTasksAdobe Flash Player Updater.job
2016-06-09 23:08 - 2014-09-16 22:33 - 00000000 ____D C:Windowssystem32log
2016-06-09 23:07 - 2013-03-16 22:03 - 00000000 ____D C:ProgramDataMFAData
2016-06-09 05:49 - 2016-05-06 22:37 - 00000000 ____D C:Program Files (x86)Mozilla Firefox
2016-06-09 05:49 - 2016-04-30 22:27 - 00000000 ____D C:UsersJacekAppDataRoamingSteam
2016-06-09 05:49 - 2016-04-30 22:24 - 00000000 ____D C:Program Files (x86)The Walking Dead - Complete Second Season
2016-06-09 05:49 - 2016-04-09 02:36 - 00000000 ____D C:Program Files (x86)The Walking Dead - Complete First Season
2016-06-09 05:49 - 2016-03-20 18:04 - 00000000 ____D C:PIT Format 2015
2016-06-09 05:49 - 2016-01-31 03:34 - 00000000 ____D C:UsersJacekDocumentsMy Games
2016-06-09 05:49 - 2016-01-31 03:31 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCity Interactive
2016-06-09 05:49 - 2016-01-31 03:28 - 00000000 ____D C:Program Files (x86)City Interactive
2016-06-09 05:49 - 2016-01-07 04:12 - 00000000 ____D C:Program Files (x86)WB Games
2016-06-09 05:49 - 2016-01-07 00:26 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWB Games
2016-06-09 05:49 - 2015-11-16 02:30 - 00000000 ____D C:Windowserdnt
2016-06-09 05:49 - 2015-06-01 23:34 - 00000000 ____D C:Program Files (x86)MyDrive Connect
2016-06-09 05:49 - 2014-05-09 20:30 - 00000000 ____D C:UsersUpdatusUser
2016-06-09 05:49 - 2013-03-28 00:54 - 00000000 ____D C:UsersJacekAppDataRoamingIrfanView
2016-06-09 05:49 - 2006-11-02 15:34 - 00000000 ____D C:Windowssystem32spool
2016-06-09 05:49 - 2006-11-02 15:34 - 00000000 ____D C:Windowssystem32Msdtc
2016-06-09 05:49 - 2006-11-02 15:33 - 00000000 ____D C:Windowsservicing
2016-06-09 05:49 - 2006-11-02 15:33 - 00000000 ____D C:Windowsregistration
2016-06-09 05:49 - 2006-11-02 14:33 - 69730304 _____ C:Windowssystem32configsoftware_previous
2016-06-09 05:49 - 2006-11-02 14:33 - 25952256 _____ C:Windowssystem32configsystem_previous
2016-06-09 05:44 - 2006-11-02 14:33 - 49807360 _____ C:Windowssystem32configcomponents_previous
2016-06-09 05:44 - 2006-11-02 14:33 - 00262144 _____ C:Windowssystem32configsam_previous
2016-06-08 20:17 - 2013-03-30 16:53 - 00000000 ____D C:UsersJacekAppDataRoamingSkype
2016-06-08 20:03 - 2015-10-31 06:14 - 00000000 ____D C:UsersJacekAppDataLocalAvgSetupLog
2016-06-08 20:03 - 2014-04-30 21:56 - 00000000 ____D C:UsersJacekAppDataLocalAVG
2016-06-08 19:56 - 2013-03-28 00:53 - 00072192 _____ C:UsersJacekAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-08 19:54 - 2013-03-27 21:33 - 00074872 _____ C:UsersJacekAppDataLocalGDIPFONTCACHEV1.DAT
2016-06-08 19:52 - 2015-11-12 20:12 - 00000000 ____D C:UsersJacekAppDataLocalApps2.0
2016-06-08 19:51 - 2013-03-27 21:33 - 00000000 ____D C:UsersJacek
2016-06-08 02:56 - 2006-11-02 14:33 - 00524288 _____ C:Windowssystem32configdefault_previous
2016-06-08 02:56 - 2006-11-02 14:33 - 00262144 _____ C:Windowssystem32configsecurity_previous
2016-06-07 21:50 - 2015-11-15 20:59 - 00000000 ____D C:Qoobox
2016-06-07 17:21 - 2006-11-02 14:34 - 00000215 _____ C:Windowssystem.ini
2016-06-06 21:46 - 2015-11-16 02:24 - 05659224 ____R (Swearware) C:UsersJacekDownloadsComboFix.exe
2016-06-06 19:56 - 2006-11-02 17:21 - 00316168 _____ C:Windowssystem32FNTCACHE.DAT
2016-06-05 15:33 - 2013-03-28 01:02 - 00000000 ____D C:UsersJacekAppDataRoamingMedia Player Classic
2016-06-05 03:11 - 2013-11-23 17:07 - 00000000 ____D C:UsersJacekDownloadsPhoto and Video
2016-06-05 02:48 - 2016-01-31 03:34 - 00000000 ____D C:UsersJacekAppDataRoamingNVIDIA
2016-06-02 20:33 - 2015-12-04 01:10 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG
2016-05-20 00:11 - 2014-09-17 22:44 - 00797376 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe
2016-05-20 00:11 - 2014-09-17 22:44 - 00142528 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2016-05-20 00:11 - 2014-09-17 22:44 - 00003782 _____ C:WindowsSystem32TasksAdobe Flash Player Updater
2016-05-18 20:41 - 2015-12-04 01:07 - 00000765 _____ C:UsersPublicDesktopAVG.lnk
2016-05-18 20:41 - 2015-12-04 01:07 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG Zen
2016-05-15 01:20 - 2016-04-08 20:23 - 00000000 ____D C:UsersJacekDownloadsPack
 
==================== Pliki w katalogu gwnym wybranych folderw =======
 
2013-07-31 16:21 - 2014-03-06 20:56 - 0000290 _____ () C:UsersJacekAppDataRoamingwklnhst.dat
2013-12-20 20:46 - 2014-02-02 17:03 - 0000680 _____ () C:UsersJacekAppDataLocald3d9caps.dat
2014-05-09 19:39 - 2015-11-19 22:25 - 0000732 _____ () C:UsersJacekAppDataLocald3d9caps64.dat
2013-03-28 00:53 - 2016-06-08 19:56 - 0072192 _____ () C:UsersJacekAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-17 19:05 - 2015-01-26 19:27 - 0579983 _____ () C:UsersJacekAppDataLocaldd_depcheck_NETFX_EXP_35.txt
2013-08-17 19:04 - 2013-08-17 19:20 - 0000544 _____ () C:UsersJacekAppDataLocaldd_dotnetfx35error.txt
2013-08-17 19:10 - 2014-06-04 20:54 - 0001982 _____ () C:UsersJacekAppDataLocaldd_dotnetfx35error_lp.txt
2013-08-17 19:04 - 2015-01-26 19:29 - 0697614 _____ () C:UsersJacekAppDataLocaldd_dotnetfx35install.txt
2013-08-17 19:10 - 2015-01-26 19:27 - 0536470 _____ () C:UsersJacekAppDataLocaldd_dotnetfx35install_lp.txt
2015-01-26 19:26 - 2015-01-26 19:26 - 2808550 _____ () C:UsersJacekAppDataLocaldd_NET_Framework35_x64_MSI242C.txt
2013-08-17 19:09 - 2013-08-17 19:10 - 2525726 _____ () C:UsersJacekAppDataLocaldd_NET_Framework35_x64_MSI3EF0.txt
2014-05-13 21:04 - 2014-05-13 21:05 - 0623758 _____ () C:UsersJacekAppDataLocaldd_vcredistMSI3133.txt
2016-01-07 04:32 - 2016-01-07 04:32 - 0019476 _____ () C:UsersJacekAppDataLocaldd_vcredistUI11E5.txt
2014-05-13 21:04 - 2014-05-13 21:05 - 0048170 _____ () C:UsersJacekAppDataLocaldd_vcredistUI3133.txt
2013-08-17 19:20 - 2013-08-17 19:20 - 0002230 _____ () C:UsersJacekAppDataLocalMAN310.tmp
2014-05-13 21:22 - 2014-05-13 21:22 - 0002340 _____ () C:UsersJacekAppDataLocalMAN6162.tmp
2014-05-13 20:16 - 2014-05-13 20:16 - 0002340 _____ () C:UsersJacekAppDataLocalMAN7638.tmp
2014-06-04 20:54 - 2014-06-04 20:54 - 0002340 _____ () C:UsersJacekAppDataLocalMANA0E0.tmp
2014-05-13 19:39 - 2014-05-13 19:39 - 0002340 _____ () C:UsersJacekAppDataLocalMANDD63.tmp
2013-08-17 19:20 - 2013-08-17 19:20 - 0002340 _____ () C:UsersJacekAppDataLocalMANFBEB.tmp
2013-08-17 19:20 - 2008-07-29 23:15 - 0076356 _____ () C:UsersJacekAppDataLocalSDB313.tmp
2014-05-13 21:22 - 2008-10-25 21:16 - 0028156 _____ () C:UsersJacekAppDataLocalSDB62BC.tmp
2014-05-13 20:16 - 2008-10-25 21:16 - 0028156 _____ () C:UsersJacekAppDataLocalSDB7698.tmp
2014-06-04 20:54 - 2008-10-25 21:16 - 0028156 _____ () C:UsersJacekAppDataLocalSDBA112.tmp
2014-05-13 19:39 - 2008-10-25 21:16 - 0028156 _____ () C:UsersJacekAppDataLocalSDBDD95.tmp
2013-08-17 19:20 - 2008-10-25 21:16 - 0028156 _____ () C:UsersJacekAppDataLocalSDBFBFE.tmp
2013-08-17 19:04 - 2015-01-26 19:29 - 0061490 _____ () C:UsersJacekAppDataLocaluxeventlog.txt
2013-08-17 19:20 - 2013-08-17 19:20 - 0001500 _____ () C:UsersJacekAppDataLocalVWL311.tmp
2014-05-13 21:22 - 2014-05-13 21:22 - 0001488 _____ () C:UsersJacekAppDataLocalVWL6182.tmp
2014-05-13 20:16 - 2014-05-13 20:16 - 0001488 _____ () C:UsersJacekAppDataLocalVWL7668.tmp
2014-06-04 20:54 - 2014-06-04 20:54 - 0001488 _____ () C:UsersJacekAppDataLocalVWLA0F1.tmp
2014-05-13 19:39 - 2014-05-13 19:39 - 0001488 _____ () C:UsersJacekAppDataLocalVWLDD74.tmp
2013-08-17 19:20 - 2013-08-17 19:20 - 0001488 _____ () C:UsersJacekAppDataLocalVWLFBFC.tmp
2013-08-17 19:20 - 2013-08-17 19:20 - 0204716 _____ () C:UsersJacekAppDataLocalWLF312.tmp
2014-05-13 21:22 - 2014-05-13 21:22 - 0352080 _____ () C:UsersJacekAppDataLocalWLF6183.tmp
2014-05-13 20:16 - 2014-05-13 20:16 - 0246940 _____ () C:UsersJacekAppDataLocalWLF7669.tmp
2014-06-04 20:54 - 2014-06-04 20:54 - 0460884 _____ () C:UsersJacekAppDataLocalWLFA101.tmp
2014-05-13 19:39 - 2014-05-13 19:39 - 0159050 _____ () C:UsersJacekAppDataLocalWLFDD75.tmp
2013-08-17 19:20 - 2013-08-17 19:20 - 0064768 _____ () C:UsersJacekAppDataLocalWLFFBFD.tmp
2015-01-26 21:14 - 2015-01-26 21:14 - 0000128 _____ () C:ProgramDataMicrosoft.SqlServer.Compact.351.32.bc
 
Niektre pliki w TEMP:
====================
C:UsersJacekAppDataLocalTemplibeay32.dll
C:UsersJacekAppDataLocalTempmsvcr120.dll
C:UsersJacekAppDataLocalTempsqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(Brak automatycznej naprawy dla plikw ktre nie przeszy weryfikacji.)
 
C:Windowssystem32winlogon.exe => Plik podpisany cyfrowo
C:Windowssystem32wininit.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64wininit.exe => Plik podpisany cyfrowo
C:Windowsexplorer.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64explorer.exe => Plik podpisany cyfrowo
C:Windowssystem32svchost.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64svchost.exe => Plik podpisany cyfrowo
C:Windowssystem32services.exe => Plik podpisany cyfrowo
C:Windowssystem32User32.dll => Plik podpisany cyfrowo
C:WindowsSysWOW64User32.dll => Plik podpisany cyfrowo
C:Windowssystem32userinit.exe => Plik podpisany cyfrowo
C:WindowsSysWOW64userinit.exe => Plik podpisany cyfrowo
C:Windowssystem32rpcss.dll => Plik podpisany cyfrowo
C:Windowssystem32dnsapi.dll => Plik podpisany cyfrowo
C:WindowsSysWOW64dnsapi.dll => Plik podpisany cyfrowo
C:Windowssystem32Driversvolsnap.sys => Plik podpisany cyfrowo
 
 
LastRegBack: 2016-06-09 23:23
 
==================== Koniec  FRST.txt ============================